STATEFUL APPLICATION CONTROL is a New Approach for Blocking Zero-Day Threats

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
It's a never-ending chess game between writers of malicious code and security professionals regarding zero-day threats. Blacklisting and sandboxing are common defenses but hackers can find a way around those protections. However, a new technique called stateful application control can stop bad code in its tracks before software vulnerabilities can be exploited.


READ MORE:

http://www.technewsworld.com/story/78071.html
 

DrBeenGolfing

Level 1
Verified
Mar 16, 2013
582
RE: A New Approach for Blocking Zero-Day Threats

Stop Zero-Day Application Exploits and Data Exfiltration
Advanced information-stealing malware enables APTs and targeted attacks on enterprises. The main infection vectors are exploitation of application vulnerabilities, and social engineering schemes that result in direct malware installation. Advanced malware circumvents blacklisting of signatures and malicious behaviors. Whitelisting approaches, which minimize malware evasion, have proven difficult to implement and manage.

Trusteer Apex applies a new approach to stop zero day application exploits and data exfiltration. By analyzing what the application is doing (operation) and why it is doing it (state), Trusteer Apex can automatically and accurately determine if an application action is legitimate or malicious. Trusteer’s Stateful Application Control enables automated enterprise malware protection that maximizes security while simplifying deployment and minimizing management overhead.

Key Capabilities
Shields Endpoint Applications against Zero-day Exploits
Prevents Data Exfiltration and Credentials Theft
Automates Whitelist Updates Reducing Management Overhead
Unifies Malware Protection for Managed and Unmanaged Endpoints
http://www.trusteer.com/products/trusteer-apex
 

DrBeenGolfing

Level 1
Verified
Mar 16, 2013
582
RE: A New Approach for Blocking Zero-Day Threats

Also for Android:
https://play.google.com/store/apps/details?id=com.trusteer.securebrowser.trusteer&feature=search_result#?t=W251bGwsMSwxLDEsImNvbS50cnVzdGVlci5zZWN1cmVicm93c2VyLnRydXN0ZWVyIl0.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
RE: A New Approach for Blocking Zero-Day Threats

EMET can handle those software vulnerabilities well against zero-days.

It perfectly hardens the system and puts it at maximum protection.

ExploitShield Browser is another good exploit protection which can prevent any attacks.
 

Gnosis

Level 5
Thread author
Apr 26, 2011
2,779
RE: A New Approach for Blocking Zero-Day Threats

Application control, and HIPS in particular, often require the end user to respond to alerts when suspected fraudulent files are identified, creating both an unwanted annoyance and a security burden. End users are notoriously ill-equipped to make such critical IT decisions and routinely dismiss malware alerts. There have been relatively few meaningful application control prevention deployments to date due to these manageability shortcomings.


Stateful application control is a new approach that protects endpoint devices from advanced data-stealing malware by stopping the exploitation of system vulnerabilities.

STATEFUL APPLICATION CONTROL

Stateful application control actually stops the exploitation process regardless of the vulnerability being exploited. It is effective against both known and unknown vulnerabilities, and is agnostic to the type of malicious file attempting to be installed, or the malicious file's source or its destination. The moment an unknown application state is created, the exploitation process is stopped and the downloaded file is quarantined. This approach essentially stops any type of exploit and is not susceptible to evasion.
 
